[dm-devel] [PATCH 4/4] multipath: Fix a potential buffer overflow
Martin Wilck
mwilck at suse.com
Tue Jun 13 20:35:08 UTC 2017
Hello Bart,
On Tue, 2017-06-13 at 13:21 -0700, Bart Van Assche wrote:
>
> > > Hello Martin,
> > >
> > > Every sprintf() call requires careful analysis to see whether or
> > > not
> > > it
> > > triggers a buffer overflow. I really would like to get rid of
> > > that
> > > sprintf() call.
> >
> > Then we could write
> >
> > snprintf(*reply, 2, "%d", !!mpp->prflag);
> >
> > without needing _GNU_SOURCE.
>
> Hello Martin,
>
> There are already three other multipath-tools source files that
> #define
> _GNU_SOURCE so I don't see what's wrong with using _GNU_SOURCE.
Yes, I saw that. I haven't reviewed the reason why _GNU_SOURCE is used
in the other places. In general it's a thing I'd rather avoid for
portability reasons.
In this particular case, I think the problem at hand be easily solved
without resorting to _GNU_SOURCE.
But well, it's not a thing worth fighting about. May Christophe decide.
Martin
--
Dr. Martin Wilck <mwilck at suse.com>, Tel. +49 (0)911 74053 2107
SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton
HRB 21284 (AG Nürnberg)
More information about the dm-devel
mailing list